macOS 11.3 Patches Security Vulnerability That Bypassed Built-In Malware Protections
Apple today confirmed to TechCrunch that the just-released macOS 11.3 software update patches a security vulnerability that reportedly could have allowed a hacker to remotely access a user's sensitive data by tricking a user into opening a spoofed document.
"All the user would need to do is double click — and no macOS prompts or warnings are generated," said security researcher Cedric Owens, who discovered the vulnerability in mid-March, according to the report. Owens developed a proof-of-concept app masquerading as a harmless document that exploits the bug to launch the Calculator app, but he said the vulnerability could be exploited for more nefarious purposes.
According to security researcher Patrick Wardle, the vulnerability was the result of a logic bug in macOS's underlying code.
"In simple terms, macOS apps aren't a single file but a bundle of different files that the app needs to work, including a property list file that tells the application where the files it depends on are located," explains TechCrunch. "But Owens found that taking out this property file and building the bundle with a particular structure could trick macOS into opening the bundle — and running the code inside — without triggering any warnings."
In addition to fixing the bug in macOS 11.3, Apple told TechCrunch it patched earlier macOS versions to prevent abuse, and updated macOS's built-in anti-malware system XProtect to block malware from exploiting the vulnerability. The report says the bug was exploited for months, but it's unclear how many users were impacted.
Popular Stories
A source said to be familiar with Apple's supply chain today revealed the color options Apple is planning for the iPhone 18 Pro, iPhone 18 Pro Max, and the upcoming foldable iPhone.
Image via Macworld.
The information comes from Macworld, which says the signature new color for this year's Pro models will be Dark Cherry, a deep wine-like red. While other sources had previously reported on a...
According to the latest rumors, Apple is close to launching its next-generation iPad mini. So what should we expect from the successor to the iPad mini 7 that Apple released over a year ago? Read on to find out.
Processor and Performance
Apple is working on a next-generation version of the iPad mini (codename J510/J511) that features the A19 Pro chip, according to information found in code...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
Popular Stories
A source said to be familiar with Apple's supply chain today revealed the color options Apple is planning for the iPhone 18 Pro, iPhone 18 Pro Max, and the upcoming foldable iPhone.
Image via Macworld.
The information comes from Macworld, which says the signature new color for this year's Pro models will be Dark Cherry, a deep wine-like red. While other sources had previously reported on a...
According to the latest rumors, Apple is close to launching its next-generation iPad mini. So what should we expect from the successor to the iPad mini 7 that Apple released over a year ago? Read on to find out.
Processor and Performance
Apple is working on a next-generation version of the iPad mini (codename J510/J511) that features the A19 Pro chip, according to information found in code...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
